Enable job alerts via email!

Security Solution Analyst - Saudi Business Machines

Echelonix

Al Khobar

On-site

SAR 150,000 - 200,000

Full time

30+ days ago

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

An established industry player is seeking a Security Solution Analyst to elevate their cybersecurity posture. This pivotal role involves establishing robust governance frameworks, ensuring compliance with laws and industry standards, and overseeing internal reviews. You'll manage GRC automation tools, coordinate external audits, and provide insightful reports to leadership. The ideal candidate will have a strong grasp of cybersecurity regulations and best practices, along with experience in vendor risk management. Join this innovative team and make a significant impact in safeguarding the organization against cyber threats.

Qualifications

Strong understanding of cybersecurity governance and compliance frameworks.
Experience with GRC tools and vendor risk management.

Responsibilities

Establish and maintain cybersecurity governance frameworks and policies.
Conduct internal compliance reviews and manage GRC automation tools.

Skills

Cybersecurity governance

Regulatory compliance frameworks

System configuration

Network security

GRC tools

Vendor risk management

Internal compliance reviews

Excellent communication skills

Education

Bachelor's degree in Cybersecurity or related field

Tools

GRC automation tools

Microsoft 365

Azure

Take Your Hiring to the Next Level

The Security Solution Analyst will be responsible for establishing and maintaining cybersecurity governance frameworks, policies, and procedures, ensuring compliance with cybersecurity laws, regulations, and industry standards. This role will oversee internal reviews, manage GRC automation tools, and coordinate external audits while providing regular reports to the Manager of GRC. The successful candidate will ensure alignment with best practices and security controls to protect the organization against cyber threats.

Detailed Responsibilities:

Establish and maintain cybersecurity governance frameworks, policies, and procedures in compliance with the National Cybersecurity Authority (NCA) controls and other regulatory standards.
Monitor and ensure compliance with cybersecurity laws, such as the Personal Data Protection Law (PDPL), ISO 27001, and related industry standards.
Review system configurations, network settings, and security controls to align with best practices and compliance requirements.
Conduct internal compliance reviews and assessments to identify security gaps and recommend areas of improvement.
Manage and optimize GRC automation tools to streamline compliance processes.
Establish and manage controls attestation procedures, ensuring that control owners validate the effectiveness of security measures.
Develop and manage vendor security assessment processes and criteria to evaluate third-party cybersecurity practices.
Provide regular reports to the Manager of GRC, communicating security risks, issues, and mitigation strategies to stakeholders.
Coordinate and support external audits and certification processes, ensuring successful outcomes.
Map relevant requirements to Information Security (IS) policies and control objectives, creating a clear linkage between policies, standards, and controls.
Ability to work on cloud security platforms such as Microsoft 365 and Azure, and manage vulnerability assessments.

Skills:

Strong understanding of cybersecurity governance and regulatory compliance frameworks.
Proficiency in system configuration, network security, and security controls.
Experience with GRC tools and automation technologies.
Vendor risk management and assessment capabilities.
Ability to conduct internal compliance reviews and coordinate external audits.
Excellent communication and reporting skills, with the ability to collaborate across teams.

Certifications: